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Commissioner for Patents 



Sir: 

This is a Reply Brief pursuant to 37 CFR 41.41 in response to the 
Examiner's Answer issued on April 17, 2008 as to the above-referenced 
application. 

The Examiner and Appellant disagree whether claims 1-6, 14-26, 29 and 31 
are patentable under 35 U.S.C. 103(a) over U.S. Pat. No. 6,289,462 to McNabb and 
U.S. Pat. No. 6,327,652 to England. This Brief replies to the Examiner's answers to 
Appellant's arguments against these references and the Examiner's 
interpretation thereof. 

REMARKS 

The comments in Appellant's Brief on Appeal dated January 4, 2008 are 
incorporated herein by reference. 
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ARGUMENTS 

The Appellant respectfully disagrees with a number of points of the 
Examiner's Answer, as detailed hereafter. The remarks hereafter are directed at 
claim 1 as pending. The Appellant respectfully submits that remarks similar to 
those made to show that claim 1 is non-obvious and patentable over McNabb 
and England can also be made to show that independent claim 24 is non-obvious 
and patentable over McNabb and England. 

No motivation to combine McNabb and England 

In page 3 of the Examiner's Answer, the Examiner acknowledges that 
"McNabb does not explicitly disclose details of establishing the trust in the 
computer system, nor does McNabb explicitly disclose levels of trust", but 
nevertheless opines that the motivation to combine McNabb and England "is to 
be found in England, as cited in the previous Office action, namely to guarantee 
the ability to distinguish between trusted and non-trusted systems executing on 
the same computer". 

The Appellant respectfully disagrees. 

The Appellant notes that opining that the skilled person would have been 
motivated to combine McNabb and England "to guarantee the ability to distinguish 
between trusted and non-trusted systems executing on the same computer", as does the 
Examiner, implies opining that there are such things as a "trusted system" and a 
"non-trusted system" executing on McNabb's computer. 

However, McNabb discloses (see for example independent claim 9) "a 
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trusted server computing system for permitting controlled execution of processes 
in response to a request". The Appellant respectfully submits that it seems 
downright doubtful that there are such things as a "trusted system" and a "non- 
trusted system" executing on the trusted server of McNabb, that need to be 
distinguished. 

Further, the Examiner himself acknowledges that "McNabb does not 
explicitly disclose details of establishing the trust in the computer system, nor 
does McNabb explicitly disclose levels of trust". The Appellant respectfully 
submits that at least because, as acknowledged by the Examiner, McNabb does 
not disclose levels of Trust, it is nonsensical to opine that McNabb teaches both a 
"trusted system" and a "non-trusted system" executing on the trusted server of 
McNabb, which would have led the skilled person to combine England to 
McNabb "to guarantee the ability to distinguish between trusted and non-trusted 
systems executing on the same computer". 

On the contrary, the Appellant respectfully submits that since "McNabb 
does not explicitly disclose details of establishing the trust in the computer 
system, nor does McNabb explicitly disclose levels of trust", McNabb does not 
teach a trusted server executing both a "trusted system" and a "non-trusted 
system", whereby the skilled person would not have been motivated "to guarantee 
the ability to distinguish between trusted and non-trusted systems executing on the same 
computer" , whereby the skilled person would not have been motivated to 
combine McNabb and England. 

The Appellant respectfully submits that at least in view of the above, and 
even assuming that England and McNabb both disclose what the Examiner says 
they disclose, the Examiner has failed to show that the skilled person would have 
found any motivation to combine McNabb and England. The Appellant 
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respectfully submits that the combination of McNabb and England only derives 
from hindsight knowledge of claim 1, and finds no basis in McNabb or England. 

McNabb and England are not analogous art 

In page 8 of the Answer, the Examiner opines that the criterion for 
determining obviousness is that there is a "reasonable expectation of success". 
The Examiner further opines that "because both the McNabb and England 
references are directed to secure and/or trusted operating systems, and are 
therefore analogous art, there would be a reasonable expectation that one would 
be successful in combining features from the two systems". 

The Appellant respectfully disagrees with the Examiner. Indeed, the 
Examiner acknowledges that "McNabb does not explicitly disclose details of 
establishing the trust in the computer system, nor does McNabb explicitly 
disclose levels of trust". The Examiner further states (for example page 3 of the 
Answer) that "McNabb discloses a method including a requester providing a 
specification of a service to be performed that establishes required sensitivity 
levels". 

On another hand, the Examiner states (for example page 3 of the Answer) 
that "England discloses a method in which an operating system is securely 
loaded where each component is associated with a trust level". 

In other words, the Examiner argues that McNabb relates to secure 
operating systems, and that England relates to trusted operating systems, and 
then concludes that McNabb and England both are directed to secure and/or 
trusted operating systems, "and are therefore analogous art". However, the 
Appellant notes that the Examiner actually failed to show why secure operating 
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systems and trusted operating systems would be analogous art. The Appellant 
respectfully submits that it is hardly enough to opine that a reference belongs to 
field A and another reference belongs to field B, to conclude that both references 
belong to the field of A/B "and are therefore analogous art". 

The Examiner asserts, page 11 of the Answer, that while the use of a 
trusted server computer in McNabb is "an example embodiment of a trusted 
computer as described in McNabb, the disclosure in McNabb is more general in 
that McNabb disclosure can relate to computer systems in general (see column 1, 
lines 12-17, generally describing the field of the McNabb reference, and more 
particularly column 8, lines 40-45, describing a general trusted computer system, 
which is not necessarily a server)". 

The Appellant respectfully disagrees and notes that column 1, lines 12-17 
of McNabb recites that the invention of McNabb "generally relates to computer 
system security", whereas column 8, lines 40-45 gives a general definition of a 
"trusted computer system". Thus, the above excerpts are only directed at general 
background teachings. However, the Appellant notes that each of the 
independent claims of McNabb recites a trusted server . Independent claim 1 of 
McNabb and relates to controlling access to a commercial software product 
executing on the trusted server; independent claim 7 of McNabb relates to 
controlling access to a process of the trusted server that perform secondary 
checks, and independent claim 9 of McNabb relates to the trusted server 
permitting controlled execution of processes in response to a request. The 
Appellant respectfully submits that, by reciting the feature of a "trusted server" 
in each independent claim, McNabb explicitly teaches that a "trusted server" is a 
necessary feature of McNabb' s teachings, and not only an example embodiment. 
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contrary to the Examiner's assertion. 

The Examiner asserts, page 11 of the Answer, that England only describes 
a client computer as a non-limiting example, under the rationale that the excerpt 
cited by the Appellant, column 3, lines 56-61, does not explicitly mentions the 
type of computer on which the operating system would be running. However, 
the Appellant respectfully notes that the Examiner has taken the above excerpt 
out of its context. Indeed, column 3, lines 47-61 of England recites that " On the 
more general subject of client-side rights management, several systems exist or have been 
proposed to encapsulate data and rights in a tamper-resistant software package. An early 
example is IBM's Cryptolope. Another existent commercial implementation of a rights 
management system has been developed by Intertrust. In the audio domain, AT&T 
Research have proposed their "Alb" audio rights management system based on the 
PolicyMaker rights management system. Therefore, there is a need in the art for 
guaranteeing that a digital rights management operating system has been properly loaded 
on a computer. Furthermore, such a digital rights management operating system must be 
readily discernable from a non-trusted operating system executing on the same 
computer" . 

The Appellant respectfully submit that, at least in view of the above, and 
contrary to the Examiner's assertion, England explicitly mentions that the type of 
computer on which its operating system would be running is on "client-side"; or 
in other words that England's computer is a client computer. 

In summary, as outlined in the Brief of Appeal of January 4, 2008 and 
contrary to the assertions of the Examiner: on one hand McNabb teaches 
modifying the operating system of a Server (trusted server, see for example claim 
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1 of McNabb) to make sure that a remote user cannot use any loophole of the 
operating system to gain unauthorized access to the server; and on another hand 
England teaches modifying the operating system of a remote user/client (column 
11, lines 1-4) to make sure that a desired operating system is actually loaded in 
the remote user/client. 

The Appellant respectfully submits that the Examiner has failed to show 
that modifying the operating system of a server, as taught by McNabb, would be 
"analogous art" with modifying the operating system of a client, as taught by 
England. The Appellant further notes that, as acknowledged by the Examiner, 
McNabb does not disclose levels of Trust, whereas England does. 

The Appellant respectfully submits that the Examiner has failed to show 
why the server related teachings of McNabb, not disclosing levels of trust, and 
the client related teachings of England, disclosing levels of trust, would be 
analogous art, and has altogether failed to show that McNabb and England are 
analogous art. 

The combination of McNabb and England does not lead to claim 1 

As detailed pages 19-21 of the Appeal of January 4, 2008, both McNabb 
and England fail to disclose or suggest creating a log of the performance of 
specific processes only, and even teach away from such log or from "a log of the 
performance of the processes performed according to the specified levels of trust" as 
claimed in claim 1. 

In page 13 of the Answer, the Examiner opines that claim 1 does not 
exclude the logging of processes that may not have been performed according to 
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the specific levels of trust. The rationale of the Examiner is that "if every process 
or operation in the system is logged, then clearly any processes performed 
according to specified levels of trust are logged, as claimed". 

The Appellant respectfully disagrees. Claim 1 recites: "the computing 
platform executing the service according to the specification and logging performance of 
at least one of the processes for which a level of trust was specified; and 

the computing platform providing the requester with a log of the performance of 
the processes performed according to the specified levels of trust". 

By opining that "claim 1 does not exclude the logging of processes that 
may not have been performed according to the specific levels of trust", the 
Examiner opines that claim 1 above has the same scope as a claim that would, 
instead of the above features, recite: "the computing platform executing the service 
according to the specification and logging performance o f at least one of the processes fer 
which a level of trust was specified; and 

the computing platform providing the requester with a log of the performance of 
the processes performed according to the specified levels of trus t". 

In other words, the Examiner denies meaning to the distinguishing 
language of claim 1, and then opines that claim 1 does not distinguish from the 
prior art. The Appellant respectfully submits that the above interpretation of the 
language of claim 1 goes beyond giving to the claims the "broadest reasonable 
interpretation consistent with the specification". 

Further, the Appellant respectfully submits that, contrary to the assertion 
of the Examiner, claim 1 clearly excludes the logging of processes that have not 
been performed according to the specific levels of trust. For example, claim 1 
recites "logging performance of at least one of the processes for which a level of trust was 
specified"; and "providing the requester with a log of the performance of the processes 
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performed according to the specified levels of trust". The Appellant notes that "a log of 
the performance of the processes performed according to the specified levels of trust" 
distinguishes from "a log of the performance of the processes". The skilled person 
readily understands that providing a log of "every process or operation in the 
system", as opined by the Examiner, results in providing a mass of information 
that is not usable as such by a requester, contrary to "a log of the performance of the 
processes performed according to the specified levels of trust" as claimed. 

The rationale of the Examiner is comparable to opining that providing a 
yellow pages book reads on providing a list of the ten best restaurants of the 
town. The Appellant respectfully disagrees and submits that even if it can be 
argued that the ten best restaurants are actually named in the yellow pages book, 
a requester cannot extract the information relating to what the ten best 
restaurants are from the yellow pages book, whereby a yellow pages book cannot 
be used as a list of the ten best restaurants of the town, and can therefore not be 
called a list of the ten best restaurants of the town. 

Similarly, in the present instance the requester could not extract the "log of 
the performance of the processes performed according to the specified levels of trust" 
from a log of "every process or operation in the system", as opined by the 
Examiner. It follows that the recited "log of the performance of the processes 
performed according to the specified levels of trust" distinguishes from a log of "every 
process or operation in the system", contrary to the Examiner's opinion. 

In page 14 of the Answer, the Examiner opines that access control 
mechanisms that prevent covering of tracks or elimination of evidence, as the 
audit track of McNabb, do not necessarily constitute a teaching away from 
providing a user with a log. The Examiner notes in particular that "although 
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these access controls clearly prevent writing to the audit track or logs [. . .] there is 
nothing to suggest that read access to the audit trails is limited in any way". 

The Appellant respectfully disagrees. McNabb emphasizes that "once 
malicious users crack the perimeter defenses, they can get the keys and trick the 
authentication system into accepting their false identities, and the system and all 
its resources are rendered defenseless". The skilled person readily understands 
that should the audit trail of McNabb be available for reading by any user, it 
would provide invaluable information to a malicious user looking for cracks in 
the defenses of McNabb' s system 

In page 14 of the Answer, the Examiner further opines that the Appellant 
provides no evidence in support of stating that "the boot log of England is not 
provided to the user". The Appellant notes that England recites (see Abstract) 
that "a record of the loading of each component is placed into a boot log that is 
protected from tampering through a chain of public-private key pairs". The 
Appellant notes that the skilled person readily understands that a chain of 
public-private key pairs such as used for protecting England's boot log forms 
part of an encryption scheme that renders the boot log unreadable to a user. 

At least in view of the above, the Appellant respectfully submits that both 
McNabb or England actually teach away from limiting read access to the audit 
trails or logs, contrary to the opinion of the Examiner, and thus teach away from 
"providing the requester with a log of the performance of the processes" as 
recited in claim 1. 



Further considerations 

In pages 10-11 of the Answer, the Examiner opines that the Appellant has 



Application Serial No. 09/920,554 
Appeal brief 
Page 11 

failed to provide specific evidence to assert that "it seems a bit fast to conclude 
that McNabb and England are analogous art" and that "the Examiner has failed 
to show why a combination of McNabb and England would guarantee the ability 
to distinguish between trusted and non-trusted systems executing on the same 
computer". 

The Appellant notes that it has now been detailed above how the 
Examiner has failed to show that McNabb and England would be analogous art, 
and how the Examiner has failed to show that there would even be trusted and 
non-trusted systems executing on the same computer in McNabb that would 
have motivated the skilled person to solve the problem of how to guarantee the 
ability to distinguish between trusted and non-trusted systems. 

In page 12 of the Answer, the Examiner opines that McNabb's teachings 
are not limited to servers and England's teachings are not limited to clients. 

The Appellant notes that it has now been detailed above why McNabb's 
teachings are limited to servers and why England's teachings are limited to 
clients, contrary to the Examiner's assertions. 

In page 14 of the Answer, the Examiner opines that the Appellant does not 
argue the merits of claims 2-6, 14-23, 25-26, 29 and 31. 

The Appellant notes that claim 2 as pending recites that "a level of trust is 
specified for at least two processes in the specification, and no performance logging takes 
place for at least one of the processes for which a level of trust is specified in the 
specification". The Appellant notes that claim 2 as pending explicitly recites that 
no logging takes place for at least one process, and respectfully submits that for 
this reason also, claim 2 is non-obvious over McNabb and England. Indeed, as 
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discussed above, both McNabb and England teach creating indiscriminate boot 
logs / audit trails, and thus teach away from a method as recited in claim 2, 
which specifically recites that no logging takes place for a process. 



CONCLUSION 

For the extensive reasons advanced above. Appellant respectfully 
contends that each claim is patentable. Therefore, reversal of the above- 
addressed rejections and objections and re-opening of the prosecution is 
respectfully solicited. 



The Commissioner is authorized to charge any additional fees that may be 
required or credit overpayment to deposit account no. 08-2025. 
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